CVE-2025-23417
Published: 01 December 2025
Description
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Security Summary
CVE-2025-23417 is a denial of service vulnerability in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 version 1.6.9. A specially crafted network packet can lead to a denial of service condition, as documented under CWE-306 (Missing Authentication for Critical Function). The vulnerability was published on 2025-12-01 and carries a CVSS v3.1 base score of 8.6 (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H), indicating high severity primarily due to availability impact.
A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted packet to the affected device over the network. No privileges, user interaction, or special access are required, and the attack has low complexity. Successful exploitation results in a denial of service, with the changed scope (S:C) potentially amplifying the impact beyond the vulnerable component.
Mitigation details are available in the Cisco Talos Intelligence report at https://talosintelligence.com/vulnerability_reports/TALOS-2025-2139 and the vendor advisory from Socomec at https://www.socomec.fr/sites/default/files/2025-04/CVE-2025-23417---Diris-Digiware-Webview-_VULNERABILITIES_2025-04-11-17-16-19_English_0.pdf. Security practitioners should consult these resources for patching instructions and workarounds specific to the DIRIS Digiware M-70.
Details
CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability allows remote unauthenticated exploitation via a specially crafted packet to the Modbus RTU over TCP service, directly enabling endpoint denial of service through application exploitation.